From owner-freebsd-security Sun Oct 1 14: 9:26 2000 Delivered-To: freebsd-security@freebsd.org Received: from giganda.komkon.org (giganda.komkon.org [209.125.17.66]) by hub.freebsd.org (Postfix) with ESMTP id 8BD1F37B502; Sun, 1 Oct 2000 14:09:22 -0700 (PDT) Received: (from str@localhost) by giganda.komkon.org (8.9.3/8.9.3) id RAA56369; Sun, 1 Oct 2000 17:09:22 -0400 (EDT) (envelope-from str) Date: Sun, 1 Oct 2000 17:09:22 -0400 (EDT) From: Igor Roshchin Message-Id: <200010012109.RAA56369@giganda.komkon.org> To: kris@FreeBSD.org Subject: Re: advisory suggestion Cc: security@FreeBSD.org In-Reply-To: <20001001012524.B9499@freefall.freebsd.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Date: Sun, 1 Oct 2000 01:25:24 -0700 > From: Kris Kennaway > Subject: Re: advisory suggestion > > On Sat, Sep 30, 2000 at 10:12:38PM -0400, Igor Roshchin wrote: > > > Affects: FreeBSD..... > > ... including 3.5.1-RELEASE > > I thought I was doing that already..I always try and specifically > mention which releases were and were not vulnerable to the problem in > question. Yes, it is usually well done! You probably forgot about these additional "technical" releases (x.x.1) (which are not even mentioned on www.Freebsd.org) > > > Corrected: .... > > (including 4.1.1-RELEASE [and later]) > > Isn't it pretty obvious that once we fix a problem, it stays fixed, > and so if 4.1 is fixed then 4.1.1, 4.2, 4.3, 4.4, 4.4.145 (I predict a > serious problem with that release ;-), etc are all going to be fixed? > :-) "and later" was put in the square brackets because it was obvious :) The point was in "including 4.1.1-RELEASE" It makes it convenient if releases that are out at the time when the advisory is issued, to mention them explicitely. In this case, it was written, that 4.1-STABLE is fixed as of xx.xx.2000 It's clear that it is fixed in 4.2-RELEASE (whenever it's out) , but not clear about 4.1.1-RELEASE (you need to compare the dates) Igor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message